Recently I have been configuring SFTP servers in the lab. As part of this work, I have been trying to understand exactly what occurs when the client establishes a connection with the SFTP server. I have been doing this by capturing packets and examining the detailed debug output of the client and server during the initial connection process. This article will provide details that I have observed about what happens during the unencrypted setup of the connection used by SFTP, hopefully organized in a manner that that make sense and explains the process.
When creating a script that will be used from the command line, parsing the input for data and errors is important. Here is one method to do this that uses functions, a CASE statement and conditional IF THEN logic.
Linux Text Processing Commands and Procedures is a reference article that contains information about the Linux text processing commands such as awk, cut, grep, tr, sed, etc. The PDF file will continue to be updated as needed.
FTP is a very unsecure method for transferring files, but unfortunately it is still in use by a number of corporations to day. Normally when it is used, some type of additional encryption such as PGP is used to encrypt the contents of the file being transferred. In this article we will examine the details of how a unencrypted file is sent using FTP and then we will repeat the process with a file encrypted using PGP.
This article provides a deep dive analysis of exactly what happens when an active FTP connection is made. By using an FTP client in debug mode and capturing packets using tcpdump, each step of the connection process is reviewed.
This article provides a deep dive analysis of exactly what happens when a passive FTP connection is made. By using an FTP client in debug mode and capturing packets using tcpdump, each step of the connection process is reviewed.
This article shows how to use OpenSSL to create a private key, public key and a self signed certificate. It also shows how to configure Apache web server to use the private key and certificate to access an SSL URL. Finally, OpenSSL is used to create a single self-signed certificate to access 2 different URLs in Apache web server.
I am continuing my research into the requirements for installing and configuring Oracle RAC. One of the requirements is that each RAC node needs the ability to login to other nodes without providing a password. The Oracle community refers to this as SSH user equivalence, but it is also referred to as SSH key based authentication. SSH will use public/private key authentication between the nodes instead of passwords. This configuration is useful for scripts and programs that must communicate between the RAC nodes since they do not need to be configured to use a password. Continue reading
This article details how to create a set of disks that can be shared between 2 VMware guest servers. I discovered this process while researching how to install an Oracle RAC database. This is a clustered database that requires shared storage among all of the servers in the cluster. There are many ways to created shared storage, depending on the type of servers and whether virtualization is being used. In a related article I have previously documented how to use VMware VSAN to create a shared storage solution under ESXi 5.5.
This article assumes that you already have 2 guest servers created. Here I will be using Centos Linux 6. You will also need to have the vSphere client (VCLI) installed on a Windows workstation that can be used to access the ESXi server directly. VCLI can be downloaded from the VMware site. Continue reading
The main reason that I document the detailed processes for performing system administration tasks in this site is for me. I know that others enjoy reading these processes and also find them helpful, but my primary target audience is myself. Normally I forget the steps that I perform fairly quickly after I complete a task. Over the years I have found it most helpful to document the steps on the web since I can easily find them and repeat the process whenever needed, wherever I happen to be.
Recently, I had the opportunity to refer back to one of my articles I had written a few months before on how to install the python-pip package for Python 2.6 running under Centos 6. I was planning on using the Boto API to create and modify infrastructure in AWS. Unfortunately, I had repurposed the original server that had Boto installed. I needed to use Pip to add Boto to a new Centos 6 server, and of course this required that I install Pip first. Since I had written the process so recently, I was very surprised when I ran into errors when trying to use it just a few months later. Continue reading